PT-2004-1633 · Squirrelmail · Squirrelmail
Roman Medina
·
Publicado
2004-06-03
·
Atualizado
2017-10-11
·
CVE-2004-0521
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
SquirrelMail versions prior to 1.4.3 RC1
Description
The issue allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via the "abook database.php" endpoint.
Recommendations
For versions prior to 1.4.3 RC1, update to version 1.4.3 RC1 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Squirrelmail